Securing Internal Applications

Oct 7, 2021

How Figma protects internal tools using off-the-shelf AWS services, with Max Burkhardt, a security engineer at Figma

### Key topics on Access Control Podcast: Episode 10 - Protecting Internal Apps at Figma

  • In hyper growth companies, hyper growth itself is one of the key assets that need to be protected.
  • It's important not to draw too many lines between security roles in different subfields (security engineering, data security, production security) since there are increasingly crossover points between infrastructure, security, and application security in the cloud age.
  • There are differences in how B2B and B2C companies think about scale and about compliance.
  • The desire to have nicely designed, effective internal web applications (such as a web UI to support various operations) is definitely growing. Figma decided to invest time in this area and built a really well-structured, effective approach early on.
  • Some functionality works best as a command line tool, and in certain cases, it’s the right approach.
  • Figma uses AWS for most of its cloud infrastructure, and uses Okta for employee authentication and authorization.
  • Application load balancers (ALBs) are powerful reverse proxies that Amazon provides as a service, basically giving you an API to configure them.